Tags: Vulnerabilities

Finding Vulnerable Packages
Now that you understand what a known vulnerability is, let’s start going through the four steps needed to address them: find, fix, prevent, and respond.
The first step in solving any problem is acknowledging you have one! And so, with vulnerable packages, your first act...

A kernel that has had nearly 83,000 patches applied will certainly have a few bugs introduced along with the new features, states the 2017 Linux Kernel Development Report, written by Jonathan Corbet and Greg Kroah-Hartman.
To find and report those bugs, Linux kernel developers depend on a wide...

Security is a hot topic in web development with great reason. Every few months a major website is cracked and millions of user records are leaked. Many times the cause of a breach is from a simple vulnerability that has been overlooked. Here are a few tips to give you a quick overview of standard...

The computer industry is racing to deal with several new vulnerabilities that affect the majority of processors in modern computers and mobile devices. The flaws enable new attacks that break the critical memory defenses in operating systems and bypass fundamental isolation layers, including those...

Intel reports that company has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from “Spectre” and “Meltdown” exploits reported by Google Project Zero. Intel and its partners have...

The incidence of denial-of-service (DoS) attacks has consistently grown over the last few years, "steadily becoming one of the biggest threats to Internet stability and reliability." Over the last year or so, the emergence of IoT-based botnets -- such as Mirai and more recently Reaper, with as yet...

For programmers and software developers, the Internet forums provide a great place to exchange knowledge and seek answers to concrete coding conundrums. Alas, they are not always the source of accurate information.
A group of Virginia Tech researchers has analyzed hundreds of posts on Stack...

Our team has previously posted about DNS vulnerabilities and exploits. Lately, we’ve been busy reviewing the security of another DNS software package: Dnsmasq. We are writing this to disclose the issues we found and to publicize the patches in an effort to increase their uptake.Dnsmasq provides...

Google has outlined four key kernel hardening features its engineers have backported from upstream Linux to Android kernels on devices that ship with Android 8.0 Oreo. They will benefit "all Android kernels supported in devices that first ship with this release", according to Sami Tolvanen, a...

Red Hat has fixed an important vulnerability in the OpenStack subsystem that’s used to manage network connectivity to and from virtual machines. If left unpatched, it could allow an attacker to access network resources from virtual machines.
The vulnerability, tracked as CVE-2017-7543 in the Common...